package com.taotao.controller;

import java.util.HashMap;
import java.util.Map;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.taotao.common.pojo.TaotaoResult;

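/**
 * Permission management: login and logout endpoints for administrators and merchants.
 *
 * <p>Authentication itself is delegated to Apache Shiro through the current
 * {@link Subject}; this controller only maps the outcome onto a {@link TaotaoResult}
 * JSON body.
 *
 * @author Administrator
 */
@Controller
public class ManagerLoginController {

	/**
	 * Single client-facing message for every credential failure, so the response does
	 * not reveal whether the username exists or only the password was wrong.
	 */
	private static final String BAD_CREDENTIALS_MESSAGE = "用户名和密码不匹配！";

	/**
	 * Authenticates an administrator or merchant against Shiro.
	 *
	 * <p>The mapping is restricted to POST (the login form already posts, see the
	 * {@code action="/admin/login" method="post"} form this endpoint serves) so that
	 * credentials cannot be submitted in a query string, where they would end up in
	 * access logs, browser history and Referer headers.
	 *
	 * @param username login name from the form; may be {@code null} when the parameter is absent
	 * @param password plaintext password from the form; may be {@code null} when absent
	 * @return {@code TaotaoResult.ok()} on success, otherwise a result with status 400
	 *         and a message describing the rejection
	 */
	//action="/admin/login" method="post"
	@RequestMapping(value="/admin/login",method=RequestMethod.POST,produces="application/json")
	@ResponseBody
	public TaotaoResult adminLogin(String username,String password) {
		// Missing or empty parameters can never authenticate; answer exactly like any
		// other bad credential instead of letting the realm fail in an undefined way.
		if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
			return TaotaoResult.build(400, BAD_CREDENTIALS_MESSAGE);
		}
		// 1. Build the authentication token from the submitted credentials.
		UsernamePasswordToken upt = new UsernamePasswordToken(username,password);
		// 2. Obtain the Subject bound to the current request/thread.
		Subject subject = SecurityUtils.getSubject();
		try {
			subject.login(upt);
		}catch (IncorrectCredentialsException ex) {
			System.out.println("用户名和密码不匹配！");
			return TaotaoResult.build(400, BAD_CREDENTIALS_MESSAGE);
		}catch (ExcessiveAttemptsException ex) {
			// The limit (5 attempts / 10 minutes per the messages) is enforced outside
			// this class; presumably by the realm or its credentials matcher.
			System.out.println("已经超过登录次数（5次）");
			return TaotaoResult.build(400, "登录次数超限！请10分钟后再试！");
		}catch (AuthenticationException ex) {
			// Unknown, locked or disabled accounts and any other Shiro authentication
			// failure previously escaped as an unhandled exception (a 500 that differs
			// from the wrong-password response and so allows account enumeration).
			// Log only the exception type: the username is attacker-controlled input.
			System.out.println("Login rejected: " + ex.getClass().getSimpleName());
			return TaotaoResult.build(400, BAD_CREDENTIALS_MESSAGE);
		}finally {
			// Wipe the token's copy of the password once Shiro no longer needs it.
			// The String parameter itself stays in memory until garbage-collected.
			upt.clear();
		}
		// NOTE(review): nothing in this method rotates the session id after a
		// successful login; confirm session-fixation protection is handled elsewhere.
		System.out.println("已经登录成功！");
		return TaotaoResult.ok();
	}
	
	/**
	 * Logs the current Subject out of Shiro.
	 *
	 * @return {@code TaotaoResult.ok()} unconditionally
	 */
	// NOTE(review): this mapping accepts every HTTP method, so a cross-site GET can
	// force a logout. Restrict it to POST once the client call (url:"/admin/logout")
	// is confirmed to send POST, and confirm CSRF protection is configured elsewhere.
	//url:"/admin/logout",
	@RequestMapping("/admin/logout")
	@ResponseBody
	public TaotaoResult  adminLogout() {
		Subject subject = SecurityUtils.getSubject();
		subject.logout();
		return TaotaoResult.ok();
	}
}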
